Thread (11 messages) 11 messages, 3 authors, 2017-03-27

[PATCH v4] tpm_crb: request and relinquish locality 0

From: Jerry Snitselaar <hidden>
Date: 2017-03-26 16:39:33
Also in: lkml 


----- Original Message -----
From: "Jarkko Sakkinen" <redacted>
To: "Jerry Snitselaar" <redacted>, "gang wei" <redacted>
Cc: "Jarkko Sakkinen" <redacted>, tpmdd-devel at lists.sourceforge.net,
linux-security-module at vger.kernel.org, "Peter Huewe" [off-list ref], "Marcel Selhorst" [off-list ref],
"Jason Gunthorpe" [off-list ref], "open list" [off-list ref]
Sent: Sunday, March 26, 2017 3:52:39 AM
Subject: Re: [PATCH v4] tpm_crb: request and relinquish locality 0

On Sat, Mar 25, 2017 at 09:52:11PM +0200, Jarkko Sakkinen wrote:
quoted
On Fri, Mar 24, 2017 at 11:25:57AM -0700, Jerry Snitselaar wrote:
quoted
Jarkko Sakkinen @ 2017-03-24 10:10 GMT:
quoted
This commit adds support for requesting and relinquishing locality 0 in
tpm_crb for the course of command transmission.

In order to achieve this, two new callbacks are added to struct
tpm_class_ops:

- request_locality
- relinquish_locality

With CRB interface you first set either requestAccess or relinquish bit
from TPM_LOC_CTRL_x register and then wait for locAssigned and
tpmRegValidSts bits to be set in the TPM_LOC_STATE_x register.

The reason why were are doing this is to make sure that the driver
will work properly with Intel TXT that uses locality 2. There's no
explicit guarantee that it would relinquish this locality. In more
general sense this commit enables tpm_crb to be a well behaving
citizen in a multi locality environment.

Signed-off-by: Jarkko Sakkinen <redacted>
Reviewed-by: Jerry Snitselaar <redacted>
Tested-by: Jerry Snitselaar <redacted>

Tested on kabylake system that was hitting issues with earlier
iteration. Still don't have platform to test it dealing with
multi-locality enviroment.
I believe Jimmy (Gang Wei) has done such testing. Jimmy can you confirm
and possibly do re-test (there's a locality branch in my tree to ease
the testing) so that we could land this one?

/Jarkko
I applied this to my master and next branches.

/Jarkko
Hi Jarkko,

The patch applied to next and master doesn't have the assignment moved
inside the mutex.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help